Main Article Content
Students engage with the core operations of university business processes, making them potential targets susceptible to significant cyberattack risks due to their limited experience and knowledge in information security. Consequently, IT students must gain awareness and competence in information security to mitigate potential threats and attacks, including those related to Information Technology (IT) security threats and the loss of valuable information and intellectual assets. This paper aims to assess the Phishing Awareness Program implemented at the Department of Information Technology and Communication (ITC) in Politeknik Tuanku Syed Sirajuddin (PTSS) and its students' awareness level. The significance of this study is focusing on students’ weaknesses and educating them about being cyber victims. Thirty students were involved in participating in this survey. They were given a set of questionnaires and performed pre-test and post-tests. After that, they were given three videos related to phishing and, later, three videos related to the consequences of phishing. Their awareness evaluation was performed after video training had been completed. Even though the score results of the post-test were increased and got positive feedback from respondents, several respondents still got the medium-level score. Suggestion for improvement was obtained to improve the current video content and its implementation. This work contributes to the information security awareness domain, where managers at higher learning institutions can replicate similar processes as proposed in this work in conducting similar training awareness with their students.
This work is licensed under a Creative Commons Attribution 4.0 International License.